summaryrefslogtreecommitdiff
path: root/libpod/runtime.go
diff options
context:
space:
mode:
Diffstat (limited to 'libpod/runtime.go')
-rw-r--r--libpod/runtime.go15
1 files changed, 15 insertions, 0 deletions
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 80fe92b54..d0bdeb574 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -16,6 +16,7 @@ import (
"github.com/containers/common/libimage"
"github.com/containers/common/pkg/config"
+ "github.com/containers/common/pkg/secrets"
"github.com/containers/image/v5/pkg/sysregistriesv2"
is "github.com/containers/image/v5/storage"
"github.com/containers/image/v5/types"
@@ -103,6 +104,8 @@ type Runtime struct {
// noStore indicates whether we need to interact with a store or not
noStore bool
+ // secretsManager manages secrets
+ secretsManager *secrets.SecretsManager
}
// SetXdgDirs ensures the XDG_RUNTIME_DIR env and XDG_CONFIG_HOME variables are set.
@@ -1022,6 +1025,18 @@ func (r *Runtime) GetSecretsStorageDir() string {
return filepath.Join(r.store.GraphRoot(), "secrets")
}
+// SecretsManager returns the directory that the secrets manager should take
+func (r *Runtime) SecretsManager() (*secrets.SecretsManager, error) {
+ if r.secretsManager == nil {
+ manager, err := secrets.NewManager(r.GetSecretsStorageDir())
+ if err != nil {
+ return nil, err
+ }
+ r.secretsManager = manager
+ }
+ return r.secretsManager, nil
+}
+
func graphRootMounted() bool {
f, err := os.OpenFile("/run/.containerenv", os.O_RDONLY, os.ModePerm)
if err != nil {
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-14 03:18:56 +0000